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« 77je MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)13 Responsive to communication(s) filed on 02 March 2000 . 
2a)l3 This action is FINAL. 2b)D This action is non-final. 

3)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4}|3 Claim(s) 1-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |3 Claim(s) 1^22 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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DETAILED ACTION 
Response to Amendment 
Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

2. Claims 1,11, 21, and 22 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Patent No. 5,241,594, Kung et al. 

3. Regarding claim 1 , Kung discloses a method of performing multiple user authentications 
with a single sign-on, comprising: 

performing a first user authentication (Kung, fig. 3, label 41, 42, col. 4, line 44-48); 
selecting a remote server subsequent to said first authentication (Kung, fig. 3, label 54); 
sending a token or "ID code and password" to said remote server containing 
authentication information responsive to said first authentication, wherein the token also 
contains information regarding an account for the user including at least one of a new 
account for the user and an update to an existing account for the user (Kung, fig. 4, label 
20, col. 3, line 4-6); and 
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decoding said authentication information, wherein said decoding or "comparing" said 
authentication information induces a second user authentication (Kung, fig. 3, label 49, 48, col. 

3. line 7-9). 

4. Regarding claim 11, Kung discloses claim 1 as mentioned above, in addition discloses a 
user sign-on interface and link interface to select a remote server (Kung, col. 4, line 7-9, 37-40) 

5. Regarding claims 21, and 22, Kung discloses similar reasoning as in claim 1 above. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 2-4, 9, 10, 12-13, are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Patent No. 5,241,594, Kung et al in view Patent No. 5,661,807, Guski et al. 

8. Regarding claim 2, Kung discloses a token, but fails to show the said sending includes 
sending said token within a universal resource locator. However, Guski et al discloses an 
authentication system using one-time password where at the requesting node a non-time 
dependent is generated from a non-secret information identifying a user and the host application 
ID (an universal resource locator) (Guski, Abstract, col. 6, lines 29-30). This is combined with a 
time-dependent value to produce a composite value that is encrypted to produce an 
authentication parameter or "token" (Abstract). Guski further teaches that it is a secure way to 
access host applications because the user's real host authentication password does not flow 
across the network in clear text, nor can the one-time password be reused if intercepted (Guski, 
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col. 1, line 58-62). It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Kung as per teaching of Guski to gain the advantage of using one-time 
passwords because it prevents unauthorized access to a remote server from the reuse of the 
authentication token and guarantees the integrity of the authentication information (Guski, col. 1, 
line 58-62). 

9. Regarding claim 3, Kung et al and Guski et al disclose claim 2 as mentioned above, in 
addition discloses said token includes a timestamp (Guski, col. 2, line 62-64). 

10. Regarding claim 4, Kung et al and Guski et al teach claim 2 as mentioned above, in 
addition discloses said token is encrypted (Guski, Abstract, line 9-10). 

3. Regarding claim 9, Kung et al and Guski et al disclose claim 1 as mentioned above, in 
addition discloses said first user authentication occurs within an Intranet (Kung, col. 2, line 60- 
64). 

1 1 . Regarding claim 10, Kung et al and Guski et al disclose claim 1 as mentioned above, in 
addition discloses said second user authentication occurs within said remote server (Kung, col. 3, 
line 7-9). 

1 2. Regarding claim 1 2, Kung et al and Guski discloses similar subject matter as mentioned 
above in claim 2. 

13. Regarding claim 13, Kung et al and Guski discloses similar subject matter as mentioned 
above in claim 3. 

14. Regarding claim 19, Kung et al and Guski discloses similar subject matter as mentioned 
above in claim 9. 
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15. Regarding claim 20, Kung et al and Guski discloses similar subject matter as mentioned 
above in claim 10. 

16. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

17. Claims 5-8, and 15-18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Patent No. 5,241,594, Kung et al in view Patent No. 5,661,807, Guski et al. in further view of 
Microsoft Press, Computer Dictionary, 3 rd Edition. 

18. Regarding claims 5, 15, Kung et al and Guski et al teach claim 2 as mentioned above, in 
addition discloses, registering new users, but fails to disclose that a the token includes new user 
flag. However, Mirosoft Press teaches that a flag is used by a computer in processing or 
interoperating information and is used in information processing. Depending on its use, a flag 
can be a code, embedded in data, that identifies some condition or to indicate an event of some 
type (Microsoft Press, pg. 198). It would have been obvious to one of ordinary skill in the art at 
the time of the invention to modify Kung as per teaching of Guski in further view of Microsoft 
Press to gain the advantage of using flags because it will enable the client to communicate a 
condition to the remote host to process along with the authentication token and trigger a response 
accordingly. 

19. Regarding claims 6, 16, Kung et al and Guski et al in further view of Microsoft Press 
teach claim 5, in addition teaches said remote server creates a new user account in response to 
said new user flag (Kung, col. 3, line 35-36, Microsoft Press, pg. 198, line 10). 
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20. In regards to claim 7, 17, Kung et al and Guski et al in further view of Microsoft Press 
teach claim 5, in addition teaches said token includes user profile update information (Kung, col. 
3, line 35-36, Microsoft Press, pg. 198, line 10). 



2 1 . Applicant's arguments filed on page 8 have been fully considered but they are not 
persuasive. This examiner respectfully disagrees to allow method, system, and computer 
readable medium claims [1-22], because of the amended limitation of "information regarding an 
account for the user including at least one of a new account for the user and an update to an 
existing account for the user" Kung shows the second authentication where "the authentication 
information (token) is compared with authentication information for the same user stored in the 
second computer", (Kung, col. 3, line 7-9). It is irrelevant what the said authentication 
information is since this step does not fundamentally change the process of authenticating a user. 
Neither does it change how the system operates, nor does it change the computer readable 
medium having stored instructions. The additional information is merely extra data incorporated 
into the token data structure. Thusly, all the rejections for the above claims stand. 



22. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Mossadeq Zia whose telephone number is 703-305-8425. The 
examiner can normally be reached on Monday- Friday between 8:30am - 5:00pm. 



Response to Arguments 



Conclusion 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Greg Morse can be reached on 703-308-4789. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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